TNC day 2: Sand, security, surgery and more

The British science fiction writer Douglas Adams came up with ‘Four Ages of Sand’ in the history of tools with which to do scientific research, with sand forming the basic material for glass lenses, transistors and now optical fibres. A fifth Age was postulated today, 20 May, by Josh Howlett of JANET(UK) during his plenary presentation at the TERENA Networking Conference.

The ‘Age of the Looking Glass’ refers to another fictional classic, in which a mirror gives a girl access to a world unconstrained by the physical laws of the real world. This is the age we are in now, he said, with a growing number of people realising their “own little universes” in which to work and collaborate, thanks to network technology, services and applications.

The problem, Josh Howlett argued, is that people need to maintain their identity across these different universes in order to move around the network in ways that are not obvious, but the current ‘identity messy-system’ limits this ability. The key question he addressed is how to establish trust in people’s identities.

Drawing metaphors about Galapagos island finches and Devonian shale rock in America, Josh Howlett showed that today’s identity protocols are so numerous and specific to certain layers of the network that there is no connection between them. This places an increased burden on users and network administrators alike and means information cannot flow between the layers, potentially resulting in security problems.

Like builders installing foundations to bind different strata of rock and prevent slippage, networkers need to ‘dig down in the stack’ and tap into layers of identity information in order to build a stronger system of trust. “A little policy can go a long way”, he suggested, and is in general a better approach than seeking technical solutions. The quest for “fewer and smarter” protocols and policies has begun, he concluded, and he invited participants to join in discussion on these issues during a ‘Birds of a Feather’ session in the evening.

Network Access Control and Beyond

Moving the topic from who can be connected to what can be connected, Steve Hanna of Juniper Networks explained Network Access Control (NAC) and related technologies in the second plenary presentation of the day.

He discussed approaches to controlling which devices can be connected, under what circumstances, and to fixing “unhealthy” machines. These have converged into one architecture and set of standards, Trusted Network Connect. The full architecture and all specifications have been released and are available on the Trusted Computing Group website. Meanwhile, rapid development and compliance testing continue, he said.

"I really worry about our networks", Steve Hanna continued, considering the question, "where next beyond NAC?". Distrust of the Internet and connected devices is well founded, he said, with around 50% of PCs infected or controlled by botnets. "We would like to have automated responses to perceived attacks so that we can quarantine the system." He presented IF-MAP, a new standard, published three weeks ago, which should achieve stronger linkage of security systems.

Session Highlights

A consistent message emerged from a morning session about malicious traffic: the bad news is that there is a lot of it around – the good news is that a significant amount of it can be dealt with using existing tools such as filtering, IPsec and analysis of flows. Evidence for this came from a three-month study of 28 billion packets on the Swedish national network, which found that 50 million were obviously ‘wrong’, with incomplete fragments, bad source and/or destination addresses, and other things that were fairly easy to spot.
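As an added illustration of the kind of ‘obviously wrong’ checks the study above relied on (example code written for this report, not from the Swedish study or any conference presentation): a small Python classifier that flags packets with impossible source or destination addresses and fragment sets that never complete, run over a constructed batch of packet records.

```python
import ipaddress
from collections import defaultdict

# Constructed sample packets (not from the study reported above):
# (src, dst, ip_id, fragment_offset, more_fragments_flag)
SAMPLE_PACKETS = [
    ("192.0.2.10", "198.51.100.5", 1, 0, False),    # ordinary unfragmented packet
    ("0.0.0.0", "198.51.100.5", 2, 0, False),       # unspecified source
    ("224.0.0.9", "198.51.100.5", 3, 0, False),     # multicast source
    ("192.0.2.12", "0.0.0.0", 4, 0, False),         # unspecified destination
    ("127.0.0.1", "198.51.100.5", 5, 0, False),     # loopback source seen on the wire
    ("192.0.2.13", "198.51.100.5", 6, 0, True),     # first fragment ...
    ("192.0.2.13", "198.51.100.5", 6, 185, False),  # ... and its last: complete set
    ("192.0.2.14", "198.51.100.5", 7, 185, False),  # tail fragment with no head
    ("192.0.2.15", "198.51.100.5", 8, 0, True),     # head fragment with no tail
]

def bad_address(addr, role):
    """Reason why addr can never be legitimate as 'source'/'destination', or None."""
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified: return f"unspecified {role}"
    if ip.is_loopback: return f"loopback {role}"
    if role == "source" and ip.is_multicast: return "multicast source"  # multicast dst is fine
    return None

def classify(packets):
    """Map packet index -> reason for every obviously wrong packet in the batch."""
    flagged = {}
    fragments = defaultdict(list)  # (src, dst, ip_id) -> [(index, offset, mf)]
    for i, (src, dst, ip_id, offset, mf) in enumerate(packets):
        reason = bad_address(src, "source") or bad_address(dst, "destination")
        if reason:
            flagged[i] = reason
        elif offset > 0 or mf:
            fragments[(src, dst, ip_id)].append((i, offset, mf))
    # A fragment set is complete only with a head (offset 0) and a tail (MF flag clear).
    for pieces in fragments.values():
        has_head = any(off == 0 for _, off, _ in pieces)
        has_tail = any(not mf for _, _, mf in pieces)
        if not (has_head and has_tail):
            for i, _, _ in pieces:
                flagged[i] = "incomplete fragment set"
    return flagged

def summary(packets):
    """Return (total packets, packets flagged as obviously wrong)."""
    return len(packets), len(classify(packets))
```

In a real deployment the fragment check needs a reassembly timeout rather than a single batch, since legitimate fragments can arrive out of order.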

A concurrent session on medical applications included a presentation about an initiative to improve connectivity between the UK’s National Health Service network, N3, and the research and education network, JANET. For security reasons these sectors traditionally use separate networks, but this leads to ‘two-PC syndrome’ for medical personnel and researchers working in both sectors. The aim is to better integrate these sectors through improved authorisation and authentication mechanisms.

The distribution of medical images featured in two presentations in the same session. Such images tend to be large and there are often security issues with sending them electronically, but indexing and off-site backup improve the service. MEDICUS is a system built using the Globus Toolkit to distribute and store DICOM images (the standard medical imaging format) across decentralised servers.

More medical images could be seen during the lunch break, with a live demonstration of high definition video conferencing between locations in Belgium, Japan, Singapore and Italy. Surgeon Dr Shuji Shimizu of Kyushu University Hospital in Fukuoka, Japan has regularly conducted such demonstrations at APAN (Asia-Pacific Advanced Network) meetings in recent years, and last year established a collaboration with the Italian national research networking organisation, GARR, but this was the first time that he and colleagues had given the demonstration specifically to a European audience of networkers.

During the afternoon two sessions on honeypots took place. These included an overview of RFID (Radio Frequency Identification) technology, its historical context, and the security issues the current technology presents. There was also a presentation on the Leurré.com distributed honeypot system, which aims to improve understanding of cyber-attacks and to help reduce their number. Intrusion detection systems and the use of signature profiles for detecting specific types of attacks were also discussed.

Links

Archived video streams of all TNC presentations are available from http://tnc2008.terena.org/media/archive.php.

Most of the slides and some of the papers can be downloaded by clicking on the relevant session in the programme, at http://tnc2008.terena.org/schedule/.